Nessus vulnerability scanner is a tool which can discover and analyze vulnerabilities in the system so that IT staff can fix that holes and hence the system becomes more secure. Before scanning the system, it is necessary to update Nessus’s plugins to make sure that it’s up-to-date and will able to detect the latest vulnerabilities. If you have a disconnected network from the Internet, you need to update the Nessus’s plugins manually.
This article will show you how to offline update Nessus 3.2.1’s plugins with free subscription on Windows. With free subscription, you can only get plugins that delayed 7 days. Otherwise, you need to purchase for the latest plugins. If you have disconnected network from the Internet, I think using free plugins would be sufficient.
Sections
Step-by-step to offline update Nessus
Register at Nessus for activation code
- Navigate to www.nessus.org. Click on ‘Plugins’.
- Click on ‘Obtain an activation code’.
- Scroll down to the bottom of the page, click ‘Register’ on the FREE subscription.
- Click ‘I accept’ to accept the agreement.
- Enter your e-mail address and click register. Nessus will send an activation code to this e-mail.
- Now e-mail has been sent with the activation code.
- Check your e-mail and you should see the activation code.
Download plugins
- To download the plugins, you need an activation code and challenge code. You already have an activation code. Now you need to find a challenge code.
- Install Nessus 3.2.1 to get a challenge code.
- When finishes the installation. Open Product Registration to see the challenge code. Open Start -> Programs -> Tenable Network Security -> Nessus -> Product Registration.
- On Product Registration, you’ll see the challenge code. This will be used with the activation code to download Nessus’s plugins.
- Navigate to plugins.nessus.org/offline.php. Copy the challenge code to the first line and the activation code that you received from an e-mail to the second line. Click submit.
Note: You can only use your activation code once. If you need to download again, you have to register again (you can use the same e-mail).
- Click on the link ‘http://….’ to download the plugins.
Extract and build plugins on Nessus 3.2.1
- Extract the downloaded file (.tar.gz) to C:\Program Files\Tenable\Nessus\plugins\scripts. You have to extract .tar.gz to .tar first and then extract the file again to that directory. It will ask to overwrite the existing files, select Yes to All.
Note: To extract the file, you can use tools like WinZip, WinRar, 7Zip, etc.
- Waiting until the extraction is finished.
- Once finishes, run this file C:\Program Files\Tenable\Nessus\build.exe by double-click the file.
- Waiting the program rebuilds plugins. When finishes, the window will disappear.
- Now Nessus is up-to-date and should be ready to scan the system.
Summary
This article is show how to update plugins on Nessus 3.x on Windows which was already documented at Nessus.org. But I want to summarize with illustration to make it simple and easy to follow guide.
This was such an informative, relevant answer. It was exactly what I was looking for. I’m so happy to know I’ll be getting something out of you posts.
In the Philippines they say “maraming salamat” which means Thank you so much for the shared information
Thank u so much for this simple and easy to use tutorial !
il helped me…
Thanks! I’ve been looking for awhile on how to do an offline plug-in install. Hopefully this will work with version 4.2.